DNS change will kill sites dead

Thanks for that heads up. A quick check says mine are fine. Nice to have that off my list of things to worry about today. ;)

All of mine I have though DNS Made Easy are good, those using DNS from my registrar are not. I've notified them, thanks for the info. This one seems to be slipping under the radar with some registrars.

Thanks for the heads up, all ok here - glad i checked!

A forced clean up is occasionally required, as there are too many out there that just don't keep up with best practices, or worry about sloppy configs. To me, this is a good thing. :)

Hmm, I have one that reports as "slow I will have problems with this!" Not yet so sure what I can do.

Bit late to be hearing about it with just a few days to go.

Thanks for the heads up on this.

I found one site that reports it will work, but has problems.

Not sure exactly what it means, but i've notified the web host.

Tucows (enom) seems to not be valid! many have to move the dns server to my web host.

Newtek Web Hosting have told me that this is a hoax and that nothing is going to happen.

Edit: They have now got back to me and told me that they are aware of the issue.

Thanks for the heads up.

Now, if only I knew whether “Minor Issues” means “There may be something that might possibly need a bit of slight tweaking in 2023 or so” ... or “Your sites will still be reachable on 2 February, but we can’t make any promises concerning the 3rd, 4th or 5th”.

I tried link 1 above, in the first post -

"This domain is perfectly ready."

Many thanks for the heads up. Crossed off my list. But my list remains long. Ha!
.

All of my domains passed, except for one where the DNS is provided through an Office 365 account. This domain returns "minor issues". I checked further and the microsoft.com domain is also flagged with minor issues. It seems that Microsoft's DNS implementation is not up to date with the latest security standards.

Added:
Astonishing is that the w3c.org domain generates a serious problem with expected delays for clients. I thought these were the people in the front-line of new standards?

Minor issues only. It never ceases to amaze me that infrastructure companies are behind.

Thanks for the heads up. I used the first link and my sites are all OK.

Thanks for the heads up. All my current customers are fine. All the customers I fired recently are not (left my hosting). Oh well!

Doing the happy-happy-joy-joy dance now <G>

regarding the "Minor issues" report it seems there are some minor issues with this response!

Amazon Route53 DNS service hosted domains will report the minor issue error and they are well aware of it but point out that Route53 is fully EDNS0 compliant , which is the only officially confirmed version by the IETF , whilst the dnsflagday site tests for EDNS1 which is not actually officially a version yet so reports this minor error. AWS are a bit peeved by it as they are getting lots of support tickets about it when it is infact not an issue but they plan to implement a fix but will do so carefully as obviously it is very important service and changes made must be tested thoroughly.

Anyone else been trying out random domains to see if they can find competitors or just big names that failing the test?

This was posted recently to the BIND Users mailing list:

DNS flag day is when vendors of recursive name servers will stop releasing
new software that coddles ancient or broken authoritative servers and
firewalls. Instead of trying over and over in different ways to coax some
broken remote system to send back an answer, new resolver software will
just declare the remote server to be broken, and give up.

Nothing will stop working suddenly on February 1. However, the next time
you upgrade your recursive name server to the latest version, you *might*
have problems then. My guess is that you won't, but I can't guarantee it.

If you do have some legacy server running internally that can't be fixed to
support EDNS properly, you can still configure your resolvers not to use
EDNS when talking to that specific server. That option will still be
available after flag day.

An easy way to check would be to install the latest BIND development
release (version 9.13.5) and see if it works. It already has all the flag
day changes in it.

--
Evan Hunt -- [e-mail address redacted]
Internet Systems Consortium, Inc.

Thanks

This domain is perfectly ready, you do not need to worry about DNS flag day 2019.

It has been reported that the DNS Flag Day testing page is experiencing random times of giving less than optimal results.

...We have observed some false positives due to timeouts that are caused, not by non-compliance but by authoritative server rate limiting....

See Testing EDNS Compatibility with dig [kb.isc.org ]

A change was made to the way that the test was done that should cut down on that issue.

(I work for ISC)